Struts Lücke

Das gibt noch mehr Leaks, wenn nicht nur IRC-Bouncer installiert werden.

„Many of those apps may be essentially abandoned,“ Bright wrote. „The earliest affected version of Struts was released in October 2012, and I bet that there’s plenty of apps developed since then that are ‚finished‘. They’re still used and deployed, but they’re not receiving ongoing maintenance; their developers have moved on to other projects, or even other companies.“

Malwaretech twittert wieder

und wartet auf sein Verfahren:

Hutchins that he couldn’t talk about his case, saying that he was making light-hearted comments to avoid discussing it. „I’m still on trial, still not allowed to go home, still on house arrest; but now i am allowed online. Will get my computers back soon,“ he wrote.


Malwaretech hat Kronos geschrieben!

“He admitted he was the author of the code of Kronos malware and indicated he sold it.”


The judge said the defendant was not a danger to the community nor a flight risk and ordered him to remain in the US with GPS monitoring.

Leider geht aus dem Artikel nicht hervor, wie sie ihn gefunden haben. Sie haben wohl Chatlogs zwischen ihm und dem Mitangeklagten. Außerdem haben verdeckte Ermittler den Trojaner gekauft.

“He has tremendous community support, local and abroad and in the computer world.”

Er hat zugegeben, den Banking-Trojaner geschrieben zu haben. Dafür bekommt er jetzt von Whitehats Unterstützung?